Security Bulletin

A fake version of the Alpine Quest app was used to discreetly spy on Russian military Android devices by harvesting personal data and geolocation details, Hack Read reports.

Industrial Cyber reports that cyberattacks against energy infrastructure are rapidly intensifying worldwide, with critical installations like nuclear facilities increasingly in the crosshairs of both cybercriminals and nation-state actors, according...

DevOps security firm Cycode has updated its application security posture management platform with agentic artificial intelligence and improvements to its CI/MON tool for improved code security, SiliconAngle reports.

Notorious cybercrime marketplace BreachForums was announced by its new owner "Anastasia" to be revived on Thursday following its disruption in a distributed denial-of-service attack by pro-Palestinian hacktivist group Dark Storm Team last week...

Officials at Baltimore City Public Schools have confirmed that over 1,150 students, as well as current and former employees, contractors, and volunteers, had their information stolen following a ransomware attack in February, according to The Record...

SecurityWeek reports that Milwaukee-based ambulance service provider Bell Ambulance and Alabama-based ophthalmology practice Alabama Ophthalmology Associates have disclosed being impacted by separate ransomware attacks that cumulatively compromised...

Leading South Korean telecommunications provider SK Telecom had some of its customers' USIM details leaked following the compromise of its systems, according to The Korea Times.

Major UK multinational food and clothing retailer Marks & Spencer had its contactless payment and online click-and-collect services taken down following a recent cyberattack, Computer Weekly reports.

BleepingComputer reports that attacks involving a critical stack-based overflow zero-day vulnerability impacting Qualitia's web-based email client Active! mail, tracked as CVE-2025-42599, have been launched against major Japanese organizations.

Official XRP Ledger library infected to facilitate crypto theft Widely used XRP Ledger Foundation-maintained npm JavaScript library xrpl.js which Ripple recommended for the XRP blockchain has been compromised with malicious code enabling the...

Docker environments have been subjected to a novel cryptojacking malware campaign that facilitated cryptomining by establishing a link to the Web3 service teneo.pro, which allows social media data monetization, Infosecurity Magazine reports.

Enterprises face several challenges to secure access to AI models and chatbots. Cisco Secure Access extends the security perimeter to address these challenges.